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AMENDMENTS 



The following listing of Claims will replace all prior versions and listing of claims 
in the application. 

1. (currently amended) A method for providing a first network resource access to 
a second network resource, comprising: 
fecefring-pFofile-datar 

gef^r^Rg^empefaiv-cr-edent-iais- tor - acc ess ing - th e s e cond n e twork r e sourc e 




p re v lding - th o- fir e t - n e twor k- r e eQurc e with th e t e mporary cr e d e ntials. 

locating a profile using profile data obtained from a client device, the profile 
containing data for identifying and for accessing the second network resource: 

supplying the profile to the second network resource: 

receiving, from the second network resource, temporary credentials for 
accessing the second network jiesource and generated according to the profile: and 

providing the_first network resource with the temporary credentials so that the 
first network resource can provide the second network resource with the temporary 
credentials to access the second network resource on behalf of the client device. 

2. (original) The method of Claim 1 , further comprising the act of invalidating the 
temporary credentials following a termination event 

3. (original) The method of Claim 2, wherein the termination event involves the 
lapse of a set time period. 

4. (currently amended) The method of Claim 2 T wherein the termination event 
involves the first se rv e r network resource accessing the second sefveF network 
resource . 
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5. (currently amended) The method of Claim 1, wherein the-aet-ef-generating 
temporary cr e d e ntia l s - inc lude s gonoroting temporary credentials that provide limited 
access to the s e rver network resource , 

6. (currently amended) A method for enabling an application server to accessing 
a data service, comprising: 

the application server instructing a client to provide profile data to an 
identification service, the identification service having access to one or more profiles 
used to access one or more data services, the profile data identifying a particular 
profile; 

the identifi cation service locatinqjhe particular profile using the f eseivqna profile 
data received from a client device, the profile containing data for identifying and for 
.accessing the data_service ; 

the identificatio n service providing the profile to the data service: 

the data service generating temporary credentials for accessing the data service 
identified by the particular profile; and 

th_e_applrcation server obtaining the temporary credential and providing 
assessing the data sen/ice «sie§ with the temporary credentials to access the data 
service on behalf of the client . 

7. (currently amended) The method of Claim 6, wherein the act of instructing the 
dient includes providing a user interface that includes instructions to send profile data 
to the identification service, and sending the interface to the client 

8. (original) The method of Claim 6 F wherein the act of instructing the client 
comprises redirecting the client to the identification service, 

9. (original) The method of Claim 6, further comprising the act of invalidating the 
temporary credentials following a termination event. 
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10. (original) The method of Claim 6 t wherein the act of generating temporary 
credentials comprises generating temporary credentials that provide limited access to 
the data service. 

1 1 . (currently amended) The method of Claim 6, wh oroin - the act of further 
comprising g e n e rating an int e rface - inc l ude s the_application server generating a framed 
web page having a first frame and a second frame, th e method furth e r comprising and 
providing, for the first frame, content for directing an application, and providing, for the 
second frame, content for selecting one or more electronic files managed by the data 
service identified by the-spoeifled particular profile, 

12. (currently amended) The method of Claim 1 1 , wh e rein tho act - of - eending tho 
profi l e data inc l ud e s further comprises the client s ending a cookie identifying the 
particular profile upon opening the framed web page. 

13. (currently amended) The method of Claim 1 1 , wherein the act of generating 
an interface includes generating an interface that includes instructions to request a web 
bug from the identification service, th_e_method further comprising the client and whoro ift 
the act of se nding th e profilo - d a ta - includ e s requesting the web bug, the request 
including a cookie identifying the particular profile. 

14. (currently amended) A method for enabling an application server to 
accessing a data service, comprising: 

the application server r eceiving, from a client, a request to direct an application; 

the application_server instructing the client deviee to provide profile data to an 
identification service, the identification service having access to one or more profiles for 
identifying accessing one or more data services, the profile data identifying a particular 
profile; 
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the identification service providing the data service with the particular profile 
identified bv reooivlng the profile data , the profile containing data for identifying and 
acc_essing_the_data service; 

the data service usino the profile to generate g e n e rating temporary credentials 
for accessing the data service id e nt i fi e d by the particular profile ; and 

the application server providing acc e ss i ng the data service using with the 
temporary credentials to access the data service on behalf of the client . 

15. (original) The method of Claim 14, wherein the act of instructing the client 
includes generating a user interface that includes instruction to send profile data to the 
identification service, and sending the interface to the client 

16. (original) The method of Claim 14, wherein the act of instructing the client 
comprises redirecting the client to the identification service, 

17. (original) The method of Claim 14, further comprising the act of invalidating 
the temporary credentials following a termination event 

18. (currently amended) The method of Claim 14, wherein the act of using the 
profile to generatem§ temporary credentials comprises generating temporary 
credentials that provide limited access to the data service. 

19. (currently amended) The method of Claim 14, further_comprisinp the 
application server w h e r e in th e aGt of - g e noratin o-a n -i nt e rf a c Q inc l ud e s generating a 
framed web page having a first frame and a second frame, the method further 
comprising providing, for the first frame, content for directing an application, and 
providing, for the second frame, content for selecting one or more electronic files 
managed by the data service identified by the particular profile. 
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20. (currently amended) The method of Claim 19, wherein the act of generating 
the framed web page includes generating a framed web page that includes instructions 
to request a web bug from the identification service, and wherein the act instructing the 
client device of s ending the pnofilo dato includes theclient device requesting the web 
bug upon opening the framed web page, the request including a cookie identifying the 
specified - particular profile. 

21. (currently amended) A computer readable medium having instructions for: 
rec e iving profi le data; 

using tho profil e data - to - gen e rat e temporary - cred e ntials for acces si ng a first 
se rv e r and 

provid ing a s e cond so e ver with th e temporary cr e d e nt i a l 

locating a profile using profile data obtained from a client device, the profile 

containin g data for identifying and for accessing the second network resource: 
supplying the profile to the second network resource: 
receiving, f rom the second network resource, temporary credentials for 

accessing the secon d network resource and generated accordino to the profile: and 
providing the first network resource with the temporary credentials so that the 

flrst network resource can provide the second network resource with the temporary 

credentials to access the second network resource on behalf of the client device. 

22. (original) The medium of Claim 21 , further having instructions for invalidating 
the temporary credentials following a termination event 

23. (original) The medium of Claim 22, wherein the termination event involves 
the lapse of a set period of time. 

24. (original) The medium of Claim 22, wherein the termination event involves 
the first server accessing the second server. 
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25. (original) The medium of Claim 21, wherein th e instructions for gonorating 
temporary crodontiaic includ e ■ inotructiono for generating temporary credentials that 
provide limited access to the second server. 

26. (currently amended) A computer readable medium having instructions for: 
instructing a client to provide profile data to an identification service, the 

identification service having access to one or more profiles used to access one or more 
data services, the profile data identifying a particular profile; 
receiving tho profile data; 

locating the particular prof ile using the profile data obtained from the client, tha 
profile containing dat a for identifying and for accessing the data service; 

generating temporary credentials for accessing the data sen/Ice identified by the 
particular profile; and 

accoocing providing the data service with the temporary credentials to access the 
data service on behalf of the client . 

27. (currently amended) The medium of Claim 3d 26, wherein the instructions for 
instructing the client include instructions for generating a user interface that includes 
instruction to send profile data to the identification service, and sending the interface to 
the client. 

28. (currently amended) The medium of Claim 39 26, wherein the instructions for 
instructing the client comprise instructions for redirecting the client to the identification 
service. 

29. (currently amended) The medium of Claim 3© 26, wherein the instructions for 
generating temporary credentials comprise instructions for generating temporary 
credentials that provide limited access to the data service. 
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30- (currently amended) The medium of Claim 3© 26, having further instructions 
for wh e r e in th e instruction s fbr - g e nerating on interfac e includ e inotruotions for 
generating a framed web page having a first frame and a second frame, tho - modium 
6 ompRsing - furthor - instRjetions - f ef and providing, for the first frame, content for directing 
an application, and providing, for the second frame, content for selecting one or more 
electronic files managed by the accessed data service. 

31. (original) The medium of Claim 30, wherein the instructions for generating 
the framed web page include instructions for generating a framed web page that 
includes instructions to request a web bug from the identification service, the request to 
include a cookie identifying the particular profile. 

32. (currently amended) A computer readable medium having instructions for 
generating an interface having user accessible controls for creating a profile for 

accessing a data service; 

creating a profile according to selections made through the interface the profile 
containing data for identifying and accessing the data service : 

providing a client device with profile data identifying a created profile; 

upon receiving profile data, retrieving a profile identified by the profile data 
received; 

generating temporary credentials for accessing the data service identified by the 
retrieved profile; and 

providing an application server with the temporary credentials for accessing the 
data service on behalf of the client device . 

33. (currently amended) The medium of Claim 3© 32, further comprising 
instructions for invalidating the temporary credentials following a termination event 

34. (currently amended) The medium of Claim 3^33, wherein the termination 
event involves the lapse of a set time period. 
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35. (currently amended) The medium of Claim 3? 33, wherein the termination 
event involves accessing the data service. 

36. (currently amended) The medium of Claim 3§ 32, wherein the instructions for 
generating temporary credentials comprise instructions for generating temporary 
credentials that provide limited access to the data service. 

37. (currently amended) The medium of Claim 36 32, wherein the instructions for 
providing a client device with profile data comprise instructions for generating a cookie 
containing data identifying the created profile and instructing a web browser operating 
on the client device to save the cookie. 

38. (currently amended) A computer readable medium having instructions for: 
generating a profile interface having user accessible controls for creating a 

profile for locating and accessing a data service; 

creating a profile according to selections made through the profile interfac e Jjhe 
profile c ontaining data for identifying and accessing the data service : 

providing a client device with profile data identifying a created profile; 

receiving a request to access an application; 

instructing a client to send profile data; 

receiving the profile data; 

retrieving a profile identified by the profile data; 

generating temporary credentials for accessing a data service identified by the 
retrieved profile; and 

pjpviding acc e ssing the data service with the temporary credentials to access the 
data service on behalf of the client . 

39. (currently amended) The medium of Claim 38, wherein the instructions for 
instructing the client include instructions for generating a user interface that includes 
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instruction to send profile data to tho identification sorvioo , and sending the interface to 
the client. 

40. (currently amended) The medium of Claim 38. wherein the instructions for 
instructing the client comprise instructions for redirecting the client to4 ho identification 

41. (original) The medium of Claim 38, wherein the instructions for generating 
temporary credentials comprise instructions for generating temporary credentials that 
provide limited access to the data service. 

42. (currently amended) The medium of Claim 38, wherein - tho - inatRK^tiQns - fQr 



page having a first frame and a second frame, the medium having further instructions 
for providing, for the first frame, content for directing the application, and providing, for 
the second frame, content for selecting one or more electronic files managed by the 
accessed data service. 

43. (currently amended) The medium of Claim 38 42, wherein the instructions for 
providing a client deviee with profile data comprise instructions for providing the client 
device with a cookie, and wherein the instructions for generating the framed web page 
include instructions for generating a framed web page that includes instructions to 
request a web bug from the identification service, the request to include the cookie. 

44. (currently amendedoriginal) A system for providing a first server with access 
to a second server, comprising: an identification service in network communication with 
a credential module, the credential module operable to use a profile acquired by the 
identification service to generate temporary credentials for accessing the second 
server, the identification sen/ice being operable to receive profile data from a client , to 
acquire a profile identified by the profile data, and to. provide the first server with the 
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temporary credentials generated by the credential modul e, the credential module and 
the identification, together being operable to provide the first server with the temporary 
credentials enabling the first server to provide the second server with the credentials to 
access the second server on behalf of the client . 

45. (original) The system of Claim 44, wherein the credential module is further 
operable to invalidate the temporary credentials following a termination event 

46. (original) The system of Claim 45, wherein the termination event Involves the 
lapse of a set time period. 

47. (original) The system of Claim 45, wherein the termination event involves the 
first server accessing the second server. 

48. (original) The system of Claim 44, wherein the credential module is further 
operable to generate temporary credentials that provide limited access to the second 
server. 

49. (currently amended) A system for accessing a data service comprising: 

an identification service operable to receive profile data from a client identifying a 
particular profile and to provide that profile, the profile to contain electronic data used to 
identify the data service; 

a credential module operable to obtain the profile from the identification service, 
generate temporary credentials, and map those credentials to the data service 
identified by the profile; and 

an application server operable to serve an interface containing instructions to 
send profile data to the identification service, to obtain the temporary credentials, and to 
a cc ess provide the data service with the temporary credentials to access the data 
service on behalf of the client . 



S/N: 10/085,971 
Case: 10013820-1 
Response to Office Action 



11 



PAGE 13«2 * RCVD AT 7/13/20D5 3:22:33 PM [Eastern Daylight Time] * SVR:USPT0-EFXRF-1/2 * DNlS:8729306 * CS!D:208 433 9295 ^ DURATION (mm^s):08-18 



JUL-T3-2005 (WED) 13:24 



Ormiston & McKinney 



(FAX)208 433 9295 



P. 014/032 



50. (original) The system of Claim 49, wherein the credential module is further 
operable to invalidate the temporary credentials following a termination event. 

51 . (original) The system of Claim 49, further comprising: 

an application content provider in communication with the application server and 
operable to generate content for directing an application; and 

. a data content provider in communication with the application server and 
operable to generate content for selecting electronic files managed by the accessed 
data service. 

52. (original) The system of Claim 51 , wherein the application server is operable 
to create the interface in the form of a framed web page having a first frame for 
displaying the content generated by the application content provider and a second 
frame for displaying the content generated by the data content provider, the framed 
web page also including instructions to request a web bug from the identification 
service, the request to include the profile data. 

53. (original) The system of Claim 51 , further comprising a web browser operable 
to request and display the interface in the form of the framed web page and to request 
the web bug providing the profile data to the identification service. 

54. (currently amended) A system for accessing a data service comprising: 
an identification service operable to generate a profile interface having user 

accessible controls for creating a profile containing electronic data used to identify the 
data service, to create a profile using selections made through the profile interface, to 
issue instructions to store profile data used to access the created profile, to receive^ 
from a client, profile data identifying a particular profile, and to provide that profile: 

a credential module operable to obtain the profile from the identification service, 
generate temporary credentials, and map those credentials to the data service 
identified by the profile; and 
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an application server operable to serve an application interface that includes 
instructions to send profile data to the identification service, to obtain the temporary 
credentials, and to aeeeee provide, the data service with the temporary credentials to 
access the data service on behalf of the client . 

55. (original) The system of Claim 54, wherein the credential module is further 
operable to invalidate the temporary credentials following a termination event. 

56. (original) The system of Claim 54, further comprising: 

an application content provider in communication with the application server and 
operable to generate application content for directing an application: and 

a data content provider in communication with the application server and 
operable to generate data content for selecting electronic files managed by the 
accessed data service. 

57. (original) The system of Claim 56, wherein the application server is operable 
to create the application interface in the form of a framed web page having a first frame 
for displaying the content generated by the application content provider and a second 
frame for displaying the content generated by the data content provider, the framed 
web page also including instructions to request a web bug from the identification 
service, the request to include the profile data. 

58. (original) The system of Claim 54, further comprising a browser operable to 
request and display the profile and application interfaces. 

59. (currently amended) A system for accessing data, comprising: 

a means for generating a profile interface having user accessible controls for 
creating a profile containing electronic data used to identify a particular data service; 

a means for creating a profile using selections made through the profile 
interface; 
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a means for issuing instructions to store profile data used to access the created 

profile; 

a means for receivin g, from a client profile data identifying a particular profile; 
a means for providing the particular profile; 
a means for generating temporary credentials; 

a means for mapping the temporary credentials to the data sen/Ice identified by 
the provided profile; 

a means for serving an application interface that includes instructions to send 
profile data to the identification service; 

a means for acces s providing the data service with the temporary credentials to 
access the data service on behalf of the client : and 

a means for invalidating the temporary credentials. 
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